6f162309587282000d4e9e03388e49d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f162309587282000d4e9e03388e49d2_JaffaCakes118
Size

1.7MB
MD5

6f162309587282000d4e9e03388e49d2
SHA1

b6d40dd4a39cc7615f84cbfc695f64bbb4397ca2
SHA256

b381c3108ad23c27142a37633dbe734dc9ebc2dd6078f5b3f03fa1a28c0a3370
SHA512

5d573f36753be6b238b39a9787cfc7e1c3887cba7e9c21fb4ccf49bea7a47c7b7459792d75fc63c45f01fb5d26913c11098ded64aad39de7bd52d1bbf3df770e
SSDEEP

24576:Gfczn5LwUmG9cjbj9D4RphAwAu26A7bW3KQYagt6f2VMh4Jb73WepzpqT63EL8eX:Gc9gGGXj9EROu29qd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f162309587282000d4e9e03388e49d2_JaffaCakes118

Files

6f162309587282000d4e9e03388e49d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ca280cce606a4844eff2747bb38b0f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetVersionExA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GetCPInfo
GetOEMCP
HeapAlloc
VirtualAlloc
GetModuleFileNameA
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetACP
LoadLibraryExA
ExitProcess
GetVersion
FlushViewOfFile
CreateMutexA
GetSystemDirectoryW
AreFileApisANSI
CancelIo
CreateMailslotA
CreateDirectoryW
FlushInstructionCache
BackupWrite
FlushFileBuffers
BackupRead
EnumSystemCodePagesA
CreateMutexW
EnumCalendarInfoA
RemoveDirectoryA
CreateDirectoryA
OpenProcess
FoldStringA
VirtualProtect
EnumCalendarInfoW
CreateDirectoryExW
SetFileAttributesA
EnumSystemCodePagesW
FoldStringW
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetLastError
GetModuleHandleA
FreeEnvironmentStringsW
GetStringTypeW

user32

GetWindowLongW
LoadStringW
DefFrameProcW
GetSysColor
GetWindowLongA
GetParent
DestroyCaret
SetCursor
CreateDialogIndirectParamA
DefWindowProcA
GetClientRect
DispatchMessageW
CharNextW
DestroyAcceleratorTable
RegisterClassExW
DefFrameProcA
IsWindowEnabled
SetClassLongA
SetWindowLongW
GetSubMenu
CharNextA
DispatchMessageA
CloseClipboard
CreateDesktopW
GetClassNameW
GetClassLongW
GetClassNameA
GetSystemMetrics

gdi32

CreateFontIndirectA
ExtCreateRegion
GetAspectRatioFilterEx
EnumFontFamiliesW
BitBlt
GetArcDirection
EndPath
GetBitmapBits
CreateDCA
CopyMetaFileW
RectVisible
ExtTextOutA
StartDocA
SetBkColor
GetBitmapDimensionEx
EnumEnhMetaFile
ExcludeClipRect
ExtEscape
CreateCompatibleBitmap
ExtCreatePen
PtVisible
GetBkColor
GetBkMode
GetBoundsRect
CombineRgn

advapi32

RegCreateKeyExA
DeleteAce
LookupAccountNameW
CreateRestrictedToken
IsValidSid
AddAccessAllowedAce
RegQueryValueExA
LookupPrivilegeNameA
RegEnumValueA
CreateServiceA
AddAce
AddAccessDeniedAce
RegDeleteKeyA
RegEnumValueW
AccessCheckAndAuditAlarmA
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
AdjustTokenGroups
RegOpenKeyW
CopySid
InitializeSid
RegSetValueExA
AddAuditAccessAce
AccessCheckAndAuditAlarmW
AreAllAccessesGranted
EqualSid
RegQueryInfoKeyA

Sections

.text
Size: 904KB - Virtual size: 900KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 30.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 824KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/BITMAP/208.bmp
.rsrc/0/BITMAP/9151.bmp
.rsrc/0/BITMAP/9152.bmp
.rsrc/0/BITMAP/9153.bmp
.rsrc/0/BITMAP/9154.bmp
.rsrc/0/BITMAP/9155.bmp
.rsrc/0/BITMAP/9157.bmp
.rsrc/1033/DIALOG/103
.rsrc/1033/DIALOG/105
.rsrc/1033/DIALOG/106
.rsrc/1033/DIALOG/109
.rsrc/1033/DIALOG/111
.rsrc/1033/GROUP_ICON/103
.rsrc/1033/ICON/1.ico
.rsrc/1033/ICON/2.ico
.rsrc/1033/ICON/3.ico
.rsrc/1033/ICON/4.ico
.rsrc/1033/ICON/5.ico
.rsrc/1033/ICON/6.ico
.rsrc/1033/ICON/7.ico
.rsrc/1033/ICON/8.ico
.rsrc/1033/ICON/9.ico
.rsrc/1033/MANIFEST/1
.xml
.rsrc/1033/version.txt
.rsrc/1049/BITMAP/1126.bmp
.rsrc_1
.text

Sharing

General

Malware Config

Signatures

Files

2ca280cce606a4844eff2747bb38b0f8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 904KB - Virtual size: 900KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 30.1MB

.rsrc Size: 824KB - Virtual size: 822KB

.text
Size: 904KB - Virtual size: 900KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 30.1MB

.rsrc
Size: 824KB - Virtual size: 822KB